Hacktivist Groups Target Indian Elections, Leak Personal Data, Says Report


India, with a population of over 1.4 billion and a GDP of over 3.417 trillion USD, has become a prime target for cyberattacks during its general elections scheduled between 19 April and 1 June 2024, reports Resecurity’s cyber threat intelligence team.

The attacks, which involve leaking of stolen personal information and misinformation campaigns, have increased by nearly 300% since the launch of the #OpIndia campaign last year. However, researchers believe these could be precursors to more significant malicious activity that may also involve foreign interference. 

Around 16 different independent hacktivist groups are targeting Indian elections, including Anon Black Flag Indonesia, Anonymous Bangladesh, and Morocco Black Cyber Army, among others.

“These 16 groups have targeted multiple law enforcement, government, healthcare, financial, educational, and private sector organizations in India, taking advantage of geopolitical narratives before recent elections,” researchers noted.

Resecurity observed that the Ahadun-Ahad 2.0 Team has published Indian Voter ID cards on Telegram, which are issued by the Election Commission of India to 18+ individuals domiciled in India. The source of the data is unclear, but they suspect it is linked to compromised third-party entities. 

Moreover, cybercriminals have stolen AADHAAR, PAN, driving licenses, and NOC documents from the Dark Web, including 36 GB of personally identifiable information (PII) belonging to Indian citizens.

The data, primarily in graphic form with victims’ selfies, could be used to spread false information, undermine trust in the electoral process, and profit from selling stolen information on the dark web. Resecurity alerted law enforcement and federal authorities to the leaked data.

Researchers also observed public opinion manipulation campaigns targeting Indian government leaders, using data leaks, website defacements, and political narratives. These ‘cyber-guerilla’ tactics blur attribution and operate under the ‘false flag’ of independent hacktivists aiming to create social conflict between Indian and Muslim populations.

Leaked ID cards and website defacement (screenshot: Rsecurity)

Resecurity reports that cybercriminals have targeted elections in 17 countries, raising concerns about the upcoming US general elections. To build a “cybersecure society,” proper identity protection mechanisms should be implemented, with proactive notifications for citizens when leaks are detected in the dark web, researchers concluded.

You can detect phoney social media posts by scrutinizing catchy slogans, verifying the source and videos/photos (if included) to ensure they’re not tampered with and don’t hesitate to report suspicious activity.

  1. Threat Actors Selling 1.8TB Database of Indian Mobile Users
  2. Hacker Leaks 73M Records from Indian HDFC Bank Subsidiary
  3. Hundreds of Indians Rescued from Cambodian Cybercrime Gangs
  4. Indian ISP Hathway Data Breach: Hacker Leaks 4M Users, KYC Data
  5. Vietnamese DarkGate Malware Hits META Accounts in the UK, USA, India





Source link